Online Privacy

February 10, 2013 Online Job Seekers, Still Beware of Scams! Today the Augusta Chronicle published a story by Jenna Martin quoting World Privacy Forum’s Pam Dixon about job seekers and how important it is for them to be wary of online job scams. “I am concerned that we are still seeing serious cases of

In a rare enforcement action of HIPAA, HHS fined an Arizona health care provider $100,000 for a variety of HIPAA violations, especially regarding electronic exchanges of protected health information. The HHS document outlining the reasons for the fine should act as a wake-up call to health care providers using public email, calendaring, and other tools for communication of ePHI. HHS specifically noted that the fined health care provider did not conduct an adequate risk assessment prior to using the email and Internet tools. The full HHS document is a must-read for health care providers. WPF has been warning about the need for full e-risk assessments since 2005 and strongly advocates for medical-identity-theft-specific risk assessments.

Search engine privacy — WPF has updated its search engine privacy tips page to include more tips on how to segregate online activities. This has always been important, and it has become more important in light of Google’s announcement that it will be sharing data across its business units.

Current online privacy debates focus on respecting the privacy interests of Internet users while accommodating business needs. Formal and informal proposals for improving consumer privacy offer different ideas for privacy regulation and privacy self-regulation, sometimes called codes of conduct. [1] Some in the Internet industry continue to advance or support ideas for privacy self- regulation. Many of these same players proposed and implemented privacy self-regulatory schemes that started in the late 1990s.

This section offers a historical review of privacy self-regulation that occurred in the years just before and just after 2000. For a variety of reasons, it is not necessarily fully comprehensive. Some self-regulatory efforts may have disappeared without a trace. Activities within existing trade associations are difficult or impossible to assess from evidence available to those outside the associations. However, this discussion captures the leading organizations of the time. [13]

This new World Privacy Forum report reviews privacy law applicable to the Precision Medicine Initiative (PMI), and the large medical information and biospecimen database at its center. The HIPAA health privacy rule and its protections for individuals will not apply to PMI research activities. The key privacy concerns raised by the PMI are the lack of applicable law to govern its collection and use of individuals’ health data, the potential waiver of the patient-physician legal privilege that can shield data from disclosure through litigation, and the possibility of law enforcement access to patient records held in the PMI.

To score is human. Ranking individuals by grades and other performance numbers is as old as human society. Consumer scores — numbers given to individuals to describe or predict their characteristics, habits, or predilections — are a modern day numeric shorthand that ranks, separates, sifts, and otherwise categorizes individuals and also predicts their potential future actions. This new report by Pam Dixon and Robert Gellman explores this issue of predictive scores and privacy.